bob.smith@xxxxxxxxxxx wrote:
Something strange in those script? Something that lead you to think
you've a rootkit installed?
I do this to get to know the system, I have been cracked many times and
quite honestly have enough of it. Either I get to know my system deep
down, or I run the box online all days all nights without protection.
The software included in the distro is fairly secure if you keep it up
to date with frequent 'yum update' runs. If you have been cracked 'many
times' it is likely to be because you have weak passwords that someone
is guessing through ssh, or you haven't kept the system up to date as
new exploits are discovered and fixed, or you have added 3rd party or
your own programs (like a lot of php web stuff...) that are insecure and
haven't kept them up to date.
--
Les Mikesell
lesmikesell@xxxxxxxxx
